The inmate is hacking the asylum
Incident Date: January 2005 Incident Location: Greeley CO USA A combination of poor password and access control practices allowed an inmate from the Weld County Jail in Greeley Colorado to browse through financial and personnel records of more than 900 county workers. Officials reported January 11, 2005 that they had charged the inmate, Alfred Loader, with one felony and one misdemeanor count of computer theft for allegedly accessing and printing some of the records. A misconfiguration on the county server permitted data access to anyone with a valid username and a connection to the county network. Improper controls also allowed user accounts to have passwords that were blank or that matched the user account name. Mr. Loader apparently found one of these user accounts while on a computer in the jail’s law library. With this access, Mr. Loader was able to access both the county server and the Internet, both of which should have been off limits to inmates. Affiliated Computer Systems Inc. (ACS), the company that maintains the county’s computers, was blamed for the incident. A county employee discovered and reported the server’s access control problem earlier in 2004. ACS personnel apparently failed to properly implement controls when the system was installed and efforts to correct the problem missed the account used by Mr. Loader. An investigator in this case reported that they were not aware of any abuses of the data found on the server. Mr. Loader claims that he was just bored and wanted to improve his computer skills, not carry out any further crimes. Story Sources Title: Inmate charged in hacking Author: Rebecca Waddingham Date: 1/12/2005 Publication: Greeley Tribune Publication Location: Greeley CO USA Publication URL: http://www.greeleytrib.com/apps/pbcs.dll/article?AID=/20050112/NEWS/101120049&rs=2 Do you have additional information to contribute regarding this story? If so, please email siteupdates@passwordresearch.com with the details and source.
<-- Back to Authentication Story Index |